@emilgroup/billing-sdk-node
MAL-2026-2039
npmbackdoor3/22/2026
Description
Malicious code in @emilgroup/billing-sdk-node (npm)
Indicators of Compromise
SHA256 Hashes (3)
4d5db0147f6ec632a467d32e06e1bf0d6ccf51e53b0b642edb58280f8b15f13f
08d6e9b450a96ca7b1280b8799dd80c62762d7025a50ea25eabf80c69eb0bb9e
de3449887fc04fb4e92086bae912bb9857ab8bf9d08fb23149ca41314f2f5f91
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Affected Versions
1.57.10
Aliases
GHSA-mw23-j5r9-c8vj
Quick Actions